[Heimdal-source-changes] [heimdal/heimdal] 6dd3eb: CVE-2017-11103: Orpheus' Lyre KDC-REP service name...
GitHub
noreply at github.com
Tis Juli 11 18:54:27 CEST 2017
Branch: refs/heads/master
Home: https://github.com/heimdal/heimdal
Commit: 6dd3eb836bbb80a00ffced4ad57077a1cdf227ea
https://github.com/heimdal/heimdal/commit/6dd3eb836bbb80a00ffced4ad57077a1cdf227ea
Author: Jeffrey Altman <jaltman at secure-endpoints.com>
Date: 2017-07-10 (Mon, 10 Jul 2017)
Changed paths:
M lib/krb5/ticket.c
Log Message:
-----------
CVE-2017-11103: Orpheus' Lyre KDC-REP service name validation
In _krb5_extract_ticket() the KDC-REP service name must be obtained from
encrypted version stored in 'enc_part' instead of the unencrypted version
stored in 'ticket'. Use of the unecrypted version provides an
opportunity for successful server impersonation and other attacks.
Identified by Jeffrey Altman, Viktor Duchovni and Nico Williams.
Change-Id: I45ef61e8a46e0f6588d64b5bd572a24c7432547c
More information about the Heimdal-source-changes
mailing list